By type
Caller Properties Initialized
cat SSO
cadi_keyfile=/root/.aaf/keyfile
aaf_id=deployer@people.osaaf.org
aaf_password=enc:chkZ8XeyQbvIoJXPxDnjLPGHI4Vo78aVzN538u-JWbA
aaf_locate_url=https://-locator.:8095
aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%NS.cm:2.1
aaf_url=https://AAF_LOCATE_URL/%CNS.%NS.service:2.1
cadi_truststore=/root/.aaf/truststoreONAPall.jks
cadi_truststore_password=changeit
cadi_latitude=
cadi_longitude=
hostname=dmaap-mr
aaf_locator_fqdn=dmaap-mr
aaf_locator_container=oom
aaf_locator_container_ns=onap
aaf_locate_url=https://aaf-locate.onap:8095
aaf_locator_app_ns=org.osaaf.aaf
cadi_longitude=-122.26147
cadi_latitude=37.78187
aaf_locator_public_fqdn=mr.dmaap.onap.org
Created /opt/app/osaaf/local
Existing files in /opt/app/osaaf/local
total 0
Clean up directory /opt/app/osaaf/local
Namespace is org.onap.dmaap.mr
#### Create Configuration files
Writing to /opt/app/osaaf/local
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.keyfile
Passed in Truststore is /root/.aaf/truststoreONAPall.jks
New Truststore is /opt/app/osaaf/local/truststoreONAPall.jks
Creating new /opt/app/osaaf/local/org.onap.dmaap.mr.location.props
Creating new /opt/app/osaaf/local/org.onap.dmaap.mr.cred.props
Creating new /opt/app/osaaf/local/org.onap.dmaap.mr.props
2022-03-17T23:14:37.181+0000: Trans Info
REMOTE Get Configuration 778.7783ms
############################################################
# Properties Generated by AT&T Certificate Manager
# by root
# on 2022-03-17T23:14:37.180+0000
# @copyright 2019, AT&T
############################################################
aaf_env=DEV
aaf_id=dmaapmr@mr.dmaap.onap.org
aaf_locate_url=https://aaf-locate.onap:8095
aaf_locator_app_ns=org.osaaf.aaf
aaf_locator_container=oom
aaf_locator_container_ns=onap
aaf_locator_fqdn=dmaap-mr
aaf_locator_public_fqdn=mr.dmaap.onap.org
aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.introspect:2.1/introspect
aaf_oauth2_token_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.token:2.1/token
aaf_url=https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1
aaf_url_cm=https://AAF_LOCATE_URL/%CNS.%AAF_NS.cm:2.1
aaf_url_fs=https://AAF_LOCATE_URL/%CNS.%AAF_NS.fs:2.1
aaf_url_gui=https://AAF_LOCATE_URL/%CNS.%AAF_NS.gui:2.1
aaf_url_hello=https://aaf-locate.onap:8095/locate/onap.org.osaaf.aaf.hello:2.1
aaf_url_oauth=https://AAF_LOCATE_URL/%CNS.%AAF_NS.oauth:2.1
cadi_prop_files=/opt/app/osaaf/local/org.onap.dmaap.mr.location.props:/opt/app/osaaf/local/org.onap.dmaap.mr.cred.props
cadi_protocols=TLSv1.1,TLSv1.2
#### Certificate Authorization Artifact
2022-03-17T23:14:37.460+0000 INIT [cadi] cadi_keyfile points to /opt/app/osaaf/local/org.onap.dmaap.mr.keyfile
2022-03-17T23:14:37.482+0000 INIT [cadi] https.protocols set by cadi_protocols in CADI Properties
2022-03-17T23:14:37.482+0000 INIT [cadi] jdk.tls.client.protocols set from Default Protocols
AppID: dmaapmr@mr.dmaap.onap.org
Sponsor: mmanager@osaaf.org
Machine: dmaap-mr
CA: local
Types: file,jks,pkcs12,script
Namespace: org.onap.dmaap.mr
Directory: /opt/app/osaaf/local
O/S User: root
Renew Days: 30
Notification mailto:
2022-03-17T23:14:38.714+0000: Trans Info
Read Artifact 467.16302ms
#### Place Certificates (by deployer)
2022-03-17T23:14:39.108+0000 INIT [cadi] cadi_keyfile points to /opt/app/osaaf/local/org.onap.dmaap.mr.keyfile
2022-03-17T23:14:39.136+0000 INIT [cadi] https.protocols set by cadi_protocols in CADI Properties
2022-03-17T23:14:39.136+0000 INIT [cadi] jdk.tls.client.protocols set from Default Protocols
Writing to /opt/app/osaaf/local
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.crt
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.key
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.jks
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.trust.jks
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.p12
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.trust.jks
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.check.sh
Writing file /opt/app/osaaf/local/org.onap.dmaap.mr.crontab.sh
Backing up /opt/app/osaaf/local/org.onap.dmaap.mr.cred.props
2022-03-17T23:14:41.136+0000: Trans Info
REMOTE Place Artifact 1195.9735ms
Reconstitute Private Key 0.374628ms
Reconstitute Private Key 0.048259ms
Obtained Certificates
#### Validate Configuration and Certificate with live call
2022-03-17T23:14:41.524+0000 INIT [cadi] cadi_keyfile points to /opt/app/osaaf/local/org.onap.dmaap.mr.keyfile
2022-03-17T23:14:41.549+0000 INIT [cadi] https.protocols set by cadi_protocols in CADI Properties
2022-03-17T23:14:41.549+0000 INIT [cadi] jdk.tls.client.protocols set from Default Protocols
Validating Configuration...
2022-03-17T23:14:42.385+0000 INIT [cadi] X509 Chain
0)
Subject: C=US, O=ONAP, OU=OSAAF, OU=dmaapmr@mr.dmaap.onap.org:DEV, CN=dmaap-mr
Issuer : CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
Expires: Fri Mar 17 23:14:40 GMT 2023
1)
Subject: CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
Issuer : C=US, O=ONAP, OU=OSAAF
Expires: Thu Aug 17 18:51:37 GMT 2023
2022-03-17T23:14:42.389+0000 INIT [cadi] https.protocols loaded from System Properties
2022-03-17T23:14:42.389+0000 INIT [cadi] jdk.tls.client.protocols loaded from System Properties
2022-03-17T23:14:42.442+0000 INIT [cadi] RegistrationProperty: default_container='oom'
2022-03-17T23:14:42.443+0000 INIT [cadi] RegistrationProperty: public_port='null'
2022-03-17T23:14:42.450+0000 INIT [cadi] RegistrationProperty: hostname='dev-message-router-0'
2022-03-17T23:14:42.451+0000 INIT [cadi] RegistrationProperty: public_fqdn='mr.dmaap.onap.org'
2022-03-17T23:14:42.451+0000 INIT [cadi] RegistrationProperty: default_name='%NS.%N'
2022-03-17T23:14:42.451+0000 INIT [cadi] RegistrationProperty: latitude='37.78187'
2022-03-17T23:14:42.452+0000 INIT [cadi] RegistrationProperty: longitude='-122.26147'
2022-03-17T23:14:42.453+0000 INIT [cadi] RegistrationProperty: public_hostname(overloaded by )='mr.dmaap.onap.org'
2022-03-17T23:14:42.453+0000 INIT [cadi] RegistrationProperty: default_fqdn='dmaap-mr'
2022-03-17T23:14:42.453+0000 INIT [cadi] RegistrationProperty: default_container_ns='onap'
2022-03-17T23:14:42.453+0000 DEBUG [cadi] RegistrationReplacement from AAFCon, source: https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1, dot_le: .oom, value: https://aaf-locate.onap:8095/locate/onap.org.osaaf.aaf.service:2.1
2022-03-17T23:14:42.453+0000 INFO [cadi] AAFCon has URL of https://aaf-locate.onap:8095/locate/onap.org.osaaf.aaf.service:2.1
2022-03-17T23:14:42.543+0000 DEBUG [cadi] Configured AbsAAFLocator not found"LocatorCreator is not set"Continuing Locator creation
2022-03-17T23:14:42.544+0000 DEBUG [cadi] RegistrationReplacement from Config.loadLocator, source: https://AAF_LOCATE_URL/%CNS.%AAF_NS.service:2.1, dot_le: .oom, value: https://aaf-locate.onap:8095/locate/onap.org.osaaf.aaf.service:2.1
2022-03-17T23:14:42.544+0000 INFO [cadi] loadLocator URL is https://aaf-locate.onap:8095/locate/onap.org.osaaf.aaf.service:2.1
2022-03-17T23:14:42.547+0000 DEBUG [cadi] RegistrationReplacement from AAFLocator, source: https://AAF_LOCATE_URL, dot_le: .oom, value: https://aaf-locate.onap:8095
2022-03-17T23:14:42.547+0000 INFO [cadi] AbsAAFLocator AAF URI is https://aaf-locate.onap:8095/locate
2022-03-17T23:14:42.547+0000 DEBUG [cadi] RegistrationReplacement from AAFLocator, source: onap.org.osaaf.aaf.service:2.1, dot_le: .oom, value: onap.org.osaaf.aaf.service:2.1
2022-03-17T23:14:42.548+0000 INFO [cadi] AbsAAFLocator name is https://aaf-locate.onap:8095/locate
2022-03-17T23:14:42.566+0000 DEBUG [cadi] Root URI: https://aaf-locate.onap:8095/locate/onap.org.osaaf.aaf.service:2.1
2022-03-17T23:14:42.576+0000 INFO [cadi] AAFLocator enabled using https://aaf-locate.onap:8095
Success connecting to https://aaf-service.onap:8100
Permissions for dmaapmr@mr.dmaap.onap.org
org.onap.dmaap.mr.access|*|*
Initialization complete
*** retrieving passwords for certificates
*** password retrieval succeeded
*** change jks password into shell safe one
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore org.onap.dmaap.mr.jks -destkeystore org.onap.dmaap.mr.jks -deststoretype pkcs12".
*** set key password as same password as jks keystore password
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore org.onap.dmaap.mr.jks -destkeystore org.onap.dmaap.mr.jks -deststoretype pkcs12".
*** store the passwords
*** give ownership of files to the user